From e627f950c1aa26856b64aaff530d86599793e9fc Mon Sep 17 00:00:00 2001
From: iddoeldor
Date: Sat, 19 Jun 2021 18:43:37 +0300
Subject: [PATCH] fetch ssl keys
---
README.md | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/README.md b/README.md
index c8f3dbd..d921aa0 100644
--- a/README.md
+++ b/README.md
@@ -131,6 +131,40 @@ Java method hook generator using keyboard shortcut
+
+
+#### Fetch SSL keys
+
+```js
+var keylog_callback = new NativeCallback(function(ssl, line) {
+ send(Memory.readCString(line));
+}, 'void', ['pointer', 'pointer']);
+
+if (ObjC.available) {
+ var CALLBACK_OFFSET = 0x2A8;
+ if (Memory.readDouble(Module.findExportByName('CoreFoundation', 'kCFCoreFoundationVersionNumber')) >= 1751.108) {
+ CALLBACK_OFFSET = 0x2B8;
+ }
+ Interceptor.attach(Module.findExportByName('libboringssl.dylib', 'SSL_CTX_set_info_callback'), {
+ onEnter: function (args) {
+ ptr(args[0]).add(CALLBACK_OFFSET).writePointer(keylog_callback);
+ }
+ });
+
+} else if (Java.available) {
+ var set_keylog_callback = new NativeFunction(Module.findExportByName(Module.findBaseAddress('libssl.so'), 'SSL_CTX_set_keylog_callback'), 'void', ['pointer', 'pointer']);
+
+ Interceptor.attach(Module.findExportByName(libSSL, 'SSL_CTX_new'), {
+ onLeave: function(retval) {
+ set_keylog_callback(retval, keylog_callback);
+ }
+ });
+}
+```
+
+
+
[⬆ Back to top](#table-of-contents) + #### Load CPP module
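Review bot: In the `Java.available` branch, `Module.findExportByName(libSSL, 'SSL_CTX_new')` references `libSSL`, which is never declared anywhere in the added snippet, so the script raises a ReferenceError before the hook is installed. The lookup on the line above passes the result of `Module.findBaseAddress('libssl.so')` where `findExportByName` takes a module name, so it probably does not resolve the export either. I would declare `var libSSL = 'libssl.so';` at the top of that branch and pass `libSSL` to both `findExportByName` calls. The iOS branch writes the callback at a hard-coded `CALLBACK_OFFSET` chosen only from the CoreFoundation version, which deserves a comment such as `// offset of the keylog callback slot inside SSL_CTX; differs per libboringssl build, verify before use`. The README text should also say that every line passed to `send()` is TLS session key material and has to be stored and shared as a secret.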